Return-to-libc attack

The first example of this attack in the wild was contributed by Alexander Peslyak on the Bugtraq mailing list in 1997.

Stack-smashing protection can prevent or obstruct exploitation as it may detect the corruption of the stack and possibly flush out the compromised segment.

With ASCII armoring, the addresses of all system libraries (e.g., libc) contain a NULL byte (0x00).

This makes it impossible to place code containing those addresses using string manipulation functions such as strcpy(), which stop copying at the first NULL byte.
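The effect of ASCII armoring on a strcpy() copy, shown as an added example that is not part of the original article. The two addresses are constructed sample values, and a 32-bit little-endian layout is assumed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define FILLER_LEN  8   /* bytes placed before the address */
#define TRAILER_LEN 4   /* bytes placed after the address  */

/* Returns 1 if any byte of the 32-bit address is 0x00, meaning a
 * C string cannot carry the address and anything that follows it. */
static int has_nul_byte(uint32_t addr)
{
    for (int i = 0; i < 4; i++)
        if (((addr >> (8 * i)) & 0xffu) == 0)
            return 1;
    return 0;
}

/* Builds filler + little-endian address + trailer, copies it with
 * strcpy() into an equally sized buffer, and returns how many bytes
 * of the input actually arrived in the destination. */
static size_t bytes_surviving_strcpy(uint32_t addr)
{
    char src[FILLER_LEN + 4 + TRAILER_LEN + 1];
    char dst[sizeof src];

    memset(src, 'A', FILLER_LEN);
    for (int i = 0; i < 4; i++)
        src[FILLER_LEN + i] = (char)((addr >> (8 * i)) & 0xffu);
    memset(src + FILLER_LEN + 4, 'B', TRAILER_LEN);
    src[sizeof src - 1] = '\0';

    memset(dst, 0, sizeof dst);
    strcpy(dst, src);            /* stops at the first 0x00 in src */
    return strlen(dst);
}

int main(void)
{
    uint32_t armored = 0x00123456u;  /* constructed: top byte is 0x00 */
    uint32_t plain   = 0x40123456u;  /* constructed: no 0x00 byte     */

    printf("armored: nul=%d, %zu of 16 bytes copied\n",
           has_nul_byte(armored), bytes_surviving_strcpy(armored));
    printf("plain:   nul=%d, %zu of 16 bytes copied\n",
           has_nul_byte(plain), bytes_surviving_strcpy(plain));
    return 0;
}
```

With the armored address the copy ends inside the address field, so none of the bytes that follow it reach the destination.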

For 32-bit systems, however, ASLR provides little benefit since there are only 16 bits available for randomization, and it can be defeated by brute force in a matter of minutes.